Anonymousprnt::Y
Click on images to see them in full screen

Enable SSL

With smsPULSE you may use Microsoft Outlook Mobile Services (OMS). The service requires that you enable the smsPULSE Server to service HTTP securely using SSL. To enable the server to work with HTTPS you will need to perform the following top level tasks:

  1. Enable access to the server through your firewall over port 443 or similar
  2. Configure the Server using the name of your host, the port you have elected to use for HTTPS, list the server key ring file name and of course set the server to accept HTTPS
  3. Obtain a certificate from an SSL certificate provider and embed this in the key ring file
  4. Restart the server and test its responses to HTTPS calls
Note: From smsPULSE V7.7 we supply a free certificate, see below.

Configure secure access the server
  1. Check that your firewall is open on the HTTPS port to allow access for your users, both externally or from within your intranet
  2. If you elect to change the default port (443), you must either update the server document or use the Web UI . Go to the dashboard and click on "Host name and Core Ports"
  3. Please note that if you change any of the HTTP ports (80 or 443), the server "http" task will be restarted for you

The following form opens:



Enable SSL for the smsPULSE Site
To enable the server to correctly encrypt HTTP traffic you will need to change the relevant site document on the server. The change here is simple but you should note the following:
  1. The HTTP server will need to be restarted. If you are using smsPULSE V7.5.2 upwards the smsPULSE task is requested to start the process for you, if it's running
  2. If you are using an older version, you will either need to restart the whole server or just type the command to start the http task by yourself, by typing "lo http" at the server console
  3. On Windows 2008 Server the console will not be visible. In such a case restart the smsPULSE server from the Windows Services list

The changes you need to make are accessible via the sites list on your server. On smsPULSE for Windows the list will be very short. On smsPULSE for Domino your directory may already include a large number both internal and external sites.

Locate the correct site and click on the link to edit it:

You may now mark the site as enabled for SSL, as follows:


Creating and implementing an SSL certificate for your smsPULSE server
Certificates in the smsPULSE Server are stored inside a "key-ring" file. Please note that the smsPULSE server cannot use a self-signed certificate that is not supported by Outlook OMS.

The general process is:
  1. Create a key-ring file
  2. Buy a certificate from an SSL certificate provider
  3. Create a CSR (a certificate request)
  4. Wait for the provider to validate your email or your domain
  5. Once the provider issues your certificate these will be installed into the key-ring file created in step 1 above
  6. Copy the key-ring file (.kyr) and the password file (.sth) to the server's data directory
  7. Restart the HTTP server.


Process for smsPULSE for Windows
Please contact us for assistance with creating the above files. The process will be:
  1. Tell us the Domain name you elected to use
  2. We generate the key-ring and password files for you
  3. We also create a CSR and email it to you
  4. Using the above CSR you request a certificate
  5. The certificates will be created and emailed to you (often packaged in a zip file)
  6. Forward the email with the certificates to us
  7. We implement the certificates into the key-ring file
  8. Finally we send you the finished files to place in your server
Please note that we can also purchase the certificate for you and handle the entire process. We just need your domain name. There is a cost-based charge for this service.

Note: We may, at your request, perform the entire task, listed above, for you. In such a case you will be required to provide an email address which the SSL provider will use to approve the certificate request. As the SSL will be approved for the domain level only (hence the lower cost), the email will be something like webmaster@your_domain.com. You must be able to receive such emails and forward these to us when they arrive. We will therefore suggest that you test the addresses and use one of the following names: webmaster; postmaster; hostmaster; administrator; admin. Remember, the domain name must be externally set and must have MX records in DNS.


Process for smsPULSE for Domino
Follow the same process as listed above using the "Server Certificate Admin" database. As with the above, we will be happy to perform the task for you, at a cost-based charge. See more below.


SSL Certificate Providers
We would not normally recommend any particular SSL provider but we have successfully worked with many. The lowest costs we found came from http://www.cheapSSL.com, give them a try.


Getting your SSL Certificate using our service
We are able to apply and obtain the certificate on your behalf. For this we will need your co-operation, and the service is chargeable. The following is the required process:
  1. You configure the smsPULSE server, fully
  2. Define the host name in DNS and ensure you can browse it using the host name
  3. Check that you can run the smsPULSE Web UI, using the host name
  4. Let us know the host name
  5. Check that you can accept approval request via email, and let us know your choice (see a list of choices below)
  6. We will then create the key ring file and buy the certificate
  7. An email will be sent to you for domain approval. Forward the email to us
  8. Once the domain is approved the certificate will be issued
  9. We will then merge the certificate into the key-ring and will email it to you
  10. You then implement the key-ring into the server, as described above

Email addresses used for Domain certificate approval, using the example host name: smspulse.myCompany.com:
  1. webmaster@myCompany.com
  2. postmaster@myCompany.com
  3. hostmaster@myCompany.com
  4. administrator@myCompany.com
  5. admin@myCompany.com
  6. webmaster@smspulse.myCompany.com
  7. postmaster@smspulse.myCompany.com
  8. hostmaster@smspulse.myCompany.com
  9. administrator@smspulse.myCompany.com
  10. admin@smspulse.myCompany.com


Using a certificate provided by smsPULSE
From smsPULSE V7.7 we provide the required files so that you can set up on your server and securely browse it, and of course use it with OMS. For this purpose we provide a certificate for the sub domain:
internal.smspulse.com
To use this name please change the DNS in your network (or change some host files) so that it points at the server you installed smsPULSE on. When all is done, you should be able to browse the smsPULSE server internally, like so:
https://internal.smspulse.com


Changing DNS
You will need to change DNS in your internal DNS server. For testing purposes you can also change your local host file. The file may be found in:
C:\Windows\System32\drivers\etc
Just add a line like so:
192.168.1.100 internal.smspulse.com

Note: if you make any changes here please make sure that this is also updated in the system profile under OMS: